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1 

! COMPUTERISED PAYMENT SYSTEM 

2 FOR PURCHASING GOODS AND SERVICES 

3 ON THE INTERNET 

4 REFERENCE TO RELAT FH APPLICATION 

5 This application is related to copending 

6 application Serial No, 08/308,101, filed September 16, 

7 1994 r the entire disclosure of which is hereby 
s incorporated by reference herein. 

9 BACKGROUND OF THE INVENTION 

10 The present invention relates to a system for 

11 enabling payment for goods and services over a quasi- 

12 public network, and more particularly, the present 

13 invention relates to a payment system that can be used to 

14 enable an Internet user to initiate a payment to another 
is Internet user for goods or services over the Internet* 

15 *phe Internet has emerged as a large community 
l? of electronically-connected users located around the 

is world who readily and regularly exchange significant 

19 amounts of information. The Internet continues to serve 

20 its original purposes of providing for access and 

21 exchange of information among government agencies, 

22 laboratories, and universities for research and 

23 education. In addition, the internet has evolved to 

24 serve a variety of interests and forums that extend 

25 beyond its original goals. 

26 The Internet has been considered as a potential 

27 new marketplace for various types of products, including 

28 goods and services. Using the Internet as a marketplace 

29 has many advantages. Although the Internet presently has 

30 the capability to serve as a marketplace for goods and 

31 services , use of the Internet for this purpose has been 

32 slow to develop. One reason for this lack of development 

33 is that it is difficult to pay for goods or services 

34 using the Internet* An Internet user cannot send cash or 

35 a check via the Internet . Sending a check via physical 
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1 delivery services is slow and sending a credit card 

2 number over the Internet poses security problems* 

3 In the aforementioned patent application, 

4 Serial No, 08/308,101, there was disclosed a payment 

5 system that enabled payment on a quasi-public system, 

6 such as the Internet* The payment system described in 

7 the referenced application is useful for enabling payment 

8 for a variety of products and services , especially for 

9 information products that can be delivered electronically 
10 over the network without physical packaging. Information 
ia products include software, stories, cartoons, recipes, 

12 etc* 

12 The aforementioned payment system has proven 

14 successful. However, there continues to be a need for a 

15 payment system for users of the Internet who have 

16 products to vend- Such products include goods and 

1? services that could be as diverse as clothing, computer 

is hardware, technical support and advice, groceries, 

19 educational courses and training, etc. These types of 

20 goods and services are not necessarily capable of being 

21 transmitted electronically over the network. Such 

22 products may also include information products , as 

23 described above* Since the Internet provides a medium 

24 for users who have all these types of products to sell to 

25 reach users who have an interest in purchasing these 

26 types of products, it would be advantageous if a system 

27 were available for willing users to enter into 

28 transactions with other users for the purchase of these 

29 goods and services* 

30 Accordingly, there is a need for a system that 

31 enables users of the Internet to enter into commercial 

32 transactions for goods and services, 

33 SUMMARY OF THE INVENTION 

34 According to a first embodiment of the present 

35 invention, there are provided a method and payment system 

36 for use on a quasi**public network, such as the Internet, 
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to enable users of the network to conduct commercial 
transactions involving a payment of funds by one user to 
another user of the network. The embodiment includes 
operation of a computer system for sending and receiving 
$ messages from users over the network. Upon receiving a 

6 message over the network from a qualified user-seller, a 

message is sent over the network to the user-buyer that 
e was identified in the message from the user-seller. The 

9 message to the user-buyer requests confirmation of a 

transaction identified in the message received from the 

11 user-seller. Upon receiving a confirmation over the 

12 network from the user-buyer, payment information is sent 

13 by secure channels off the network to an agent of the 

14 user-seller* Upon receipt of an authorization code from 
is the seller's agent, the authorization code is 

is cryptographically signed and sent to the user-seller over 

l? the network* 

18 RRTSF DESCRIPTION OF THE DRAWINGS 

19 Figure 1 is a block diagram illustrating a 

20 payment system according to a first embodiment of the 

21 present invention* 

22 Figure 2 is a block diagram of a hardware 

23 configuration for the payment system of Figure 1. 

24 Figure 3 is a block diagram of the program 

25 arrangement of the payment system of Figure i. 

26 Figure 4A is a diagram of the data fields for a 

27 buyer's cardholder account for use with the payment 

28 system of Figure l. 
Figure 4B is a diagram of the data fields for a 

seller's account for use with the payment system of 

31 Figure 1* 

32 Figure 5 is a flow chart showing message flow 

33 for an payment request using the payment system of 

34 Figure l. 

Figures 6A-6F are diagrams of data messages 
used in connection with the payment system of Figure l. 
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1 Figure 7 is a flow chart showing the message 

2 flow for an payment query and a payment response using 

3 the payment system of Figure 1- 

4 Figure 3 is a flow chart showing the message 
s flow using the payment system of Figure l for 

6 communication with the seller's agent* 

7 Figure 9 is a flow chart showing the message 

8 flow for sending an encrypted authorization code to the 

9 seller using the payment system of Figure i„ 

10 DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS 

11 I- OVERALL SYSTEM 

12 Figure 1 shows a block diagram of a first 

13 embodiment of the present invention for a payment 

14 system 10, The payment system 10 is shown in relation to 
is the internet network 12. The Internet network 12 is a 

16 large, quasi-public network having many users 14. The 

17 Internet network 12 is of a type that the users 14 can 
is access by various means such as dedicated communication 

19 links or conventional commercial telephone systems. The 

20 Internet network 12 provides numerous services for its 

21 users such as e-mail, FTP, and the World Wide Web (WWW) . 

22 Although the payment system 10 is specifically useful for 

23 the Internet, it may be used in conjunction with other 

24 having a plurality of users that can communicate with 

25 each other by e-mail. 

26 In the embodiment of Figure 1, one of the users 

27 14 (designated as a buyer 20) wishes to acquire goods or 
2a services 26 from another of the users {designated as a 

29 seller 28) • The seller 28 may be any user with a product 

30 or service to vend. The goods or services may include 

31 anything that can be sold for value, such as clothing , 

32 appliances , computers , automobiles , technical advice , 

33 consulting, and so on. The goods or services may also 

34 include information products that can be transferred 

35 electronically over a network, such as the Internet. 
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The seller 23 wishes to sell goods or services 
26 to the buyer 20 at a price. The price may be an 
advertised price {e.g, advertised over the Internet, on a 
bulletin board, or other media) , or may be a negotiated 
price (e.g* negotiated via message or e-mail exchange 
over the Internet) , Although the example of Figure 1 
describes one seller 28 and one buyer 20, the payment 

8 system 10 is understood to extend to include multiple 

9 buyers of one seller, multiple sellers to one buyer, and 

10 multiple sellers and multiple buyers. Also, a buyer or a 

11 seller may be an individual, a company, or an 

12 institution. 
Also shown in Figure 1 is a financial 

transaction settlement system 30. The financial 
transaction settlement system 30 represents presently- 
available commercial institutions that process credit and 
other financial transactions. For example, the financial 
is transaction settlement system 30 may represent 

19 commercially available credit card processing 

20 institutions {e.g, Visa, Master Card, Discover, and so 

21 on) . The financial transaction settlement system 30 

22 includes two components: an issuer 32 and an acquirer 34, 
The issuer 32 includes banks, or other institutions, that 
issue credit cards to persons, send statements and bills 
to credit card holders on a regular basis, and collect 

2 e payment from the credit card holders. These functions 

27 are not performed on the Internet but use conventional 

28 mail delivery, authorized direct withdrawals from bank 

29 accounts, etc* 

30 T he payment system 10 of the present embodiment 
utilizes these commercially available issuers 32 to bill 
users and to collect payment from users for their 

33 transactions on the Internet 12 using the payment system 

34 io. For example, a user's transactions that are 

35 initiated using the payment system 10 would show up on 

36 the user's credit card statement as a charge from the 

37 seller 28- 
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1 As mentioned above, the financial transaction 

2 settlement system 30 also includes the acquirer component 

3 34* This acquirer component 34 includes banks or other 

4 institutions that provide merchant accounts for entities 

5 that want to receive payment for the sale of goods or 

6 services* These merchant accounts are similar or 

7 identical to the conventional merchant accounts that are 
s provided to businesses, hs mentioned below, the acquirer 
9 34 processes the user charges received from the payment 

xo system 10 and passes this information to the issuer 

ll component 32 for the preparation and sending of monthly 

22 statements and bills to users and collecting payment from 

13 users. 

14 The payment system 10 includes two distinct 
is parts or systems: an above-the-line system 40 and a 

16 below-the-line system 42. The above-the-line system 40 

17 and the below-the-line system 42 are separated by a 

18 "line 11 or "firewall* 1 44* The line 44 isolates the above™ 

19 the-line system 40 from the below-the-line system 42, 

20 The line 44 permits limited communication between the 

21 above-the-line system 40 and the below-the-line system 42 

22 but prevents unauthorized access to the below-the-line 

23 system 4 2 through the above-the-line system 40* The line 

24 44 provides security for the information contained on the 

25 below-the-line system 42 and prevents hackers on the 

26 Internet from entering the below-the-line system 42 via 

27 the above-the-line system 40. 

26 Figure 2 is a block diagram illustrating one 

29 possible configuration of hardware components used to 

30 implement the payment system 10 of Figure 1- The above- 

31 the-line system 40 includes an above-the-line (or "front 

32 end") computer 50 and the below-the-line system 42 

33 includes a below-the-line (or "back end") computer 52* 

34 The above-the-line computer 50 and the below-the-line 

35 computer 52 are connected together via a private network 

36 53- In a preferred embodiment, the private network is an 

37 Ethernet network. The above- the- line computer 50 
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includes an above-the-line system board 54 associated 
with an above-the-line memory 56, a storage device 58 
such as a fixed disk drive, a back up tape drive 60, a 
removable media drive 62 , a monitor 64, and a power 
supply 66, The above-the-line computer 50 is connected 
to the internet 12 by means of a leased Tl line 69, 
The below-the-line computer 52 includes a 
below-the-line computer system board 68 associated with a 
below-the-line computer memory 70, a below-the-line 
computer storage device 72 such as a fixed disk drive, a 
back up tape drive 74 , a removable media drive 76, a 
monitor 78, and a power supply 80. The below-the-line 
computer 52 is connected to the above-the-line computer 



14 50 by means of Ethernet cable. The below-the-line 

is computer 52 also has a Novell LAN 81 that provides a 



secure communication link apart from the Internet, 

Both the above-the-line computer 50 and the 
below-the-line computer 52 in this embodiment are 
preferably commercially available Sun Microsystems SS1000 
computers. Preferably, both the above-the-line computer 
50 and the below-the-line computer 52 are equipped with 
64 MB memory. As mentioned above, the dedicated private 
network is an Ethernet and includes a SBus host adaptor. 
The communication server is a Sun Microsystems 
SPARCserver 1000, Both the above-the-line monitor 64 and 
the below-the-iine monitor 78 are commercially available 
Sun 17 inch monitors. The above- the- line and below-the- 
line tape drives are Python 5GB tape drives using 4mm 

29 tape available from Sony, Inc* The above -the- line disk 

30 drive 58 and the below-the-line disk drive 72 are 

31 commercially available Seagate 1.7GB disk drives. The 

32 host adaptor is a Sun Microsystems SBus host adaptor. 
The network server is a commercially available Sun 
Microsystems SSarray 101. The above-the-line and below- 
the-line computers 50 and 52 may be similar or identical 
to the front end and back end computers that are 
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1 described in the aforementioned related patent 

2 application Ser. Ho. 08/308,101* 

3 Referring to Figure 3, the above-the-line 

4 computer 50 runs an above-the-line program 90* The 

5 above-the-line program 90 is a software program that 

6 provides for communication with users 14 on the Internet 

7 12- Specif ically, the above-the-line program 90 includes 

8 modules that can be accessed and used by Internet users 

9 who are buyers 20 and Internet users who are sellers 28. 

10 The below-the-line computer 52 xuns a below- 

11 the-line program 92* The above-the-line program 90 

12 communicates with the below-the-line program 92 via the 

13 private network 53* Thus, the above-the-line program 90 

14 is physically separate and isolated from the below-the- 
is line program 92. The below-the-line program 92 receives 

16 information from and sends information to the above-the- 

17 line program 90 by means of batch processing. This 

is comprises, in part, the firewall or line 44 and results 

19 in an inherently safe method of communicating between the 

20 publicly accessible part of the payment system, i P e. the 

21 above-the-line system 40, and the secure part of the 

22 payment system, i.e. the below-the-line system 42. 

23 To access the above-the-line program 90 over 

24 the Internet, users 14 who are buyers may use a user 

25 interface software program 118 that can be run on their 
2S own computers for interactive access, or alternatively, 

27 users 14 may access the payment system 90 via 

28 conventional e-mail programs, for store-and-f orward 

29 access. Similarly, users who are sellers 28 may access 

30 the above-the-line program 90 over the Internet, by 

31 running an interface software program 119 on their own 

32 computers for interactive access, or alternatively, may 

33 access the payment system 10 via conventional e-mail 

34 program. Programs 90, 118, and 119 may be written in any 

35 suitable programming language, such as Tel or c. The 

36 software modules are capable of being used with the UNIX 
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1 operating system, DOS , and may be ported to various other 

2 operating systems. 



II. ESTABLISHING BUYE3S AND SELLERS ACCOUN TS 

In order for a user of the Internet to use the 
payment system 10 for transactions as a buyer, the user 
obtains a subscriber (or cardholder) account 100 with the 
payment system 10. The buyer's cardholder account may be 
similar or identical to the cardholder account described 
9 in the related patent application. In order for a user 

of the Internet to use the payment system 10 for 
transactions as a seller, the user obtains a seller's 
account 200 with the payment system 10* Each user may 
arrange with the payment system 10 individually to set up 
14 appropriate accounts, or alternatively, a bank may make 

is arrangements with the payment system 10 to provide 

16 appropriate accounts to a large number of the bank's 

17 customers, such as its credit card customers, as a 
enhancement or a promotion. The characteristics of the 
buyer's and seller's accounts are set forth as follows: 
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20 A. The buyers' accounts 

21 Referring to Figure 4A, there is depicted a 

22 representation of the data in a buyer's cardholder 
account 100. The buyer's cardholder account 100 includes 



23 



24 the following information: a cardnumber 102, the 

25 cardholder's name 103, the cardholder's Internet e-mail 

26 address 104, a state 106, and a pay-in selection 108. 
21 These items are explained below. In addition, the 

28 cardholder account 100 may include additional 

information, such as a pay-out selection and a currency 
preference 112, as disclosed in the aforementioned patent 

31 application* 

32 The cardnumber 102 uniquely identifies the 

33 cardholder account 100, The cardnumber 102 is an 

34 alphanumeric string that is easily typed and read by 

35 a human* Also, the cardnumber 102 is relatively hard to 



29 
30 



WO £7/16897 PCIYUS96/175S6 

10 

1 guess and bears no deducible relationship to any 

2 financial artifact, such as a credit cardnumber, 

3 a checking account number, nor to any e-mail address, 

4 The cardholder's name 103 is the cardholder's 
s actual name, business name, or an alias. 

6 The cardholder Internet e-mail address 1Q4 is 

7 the e~mail address of the cardholder that is unique for 

8 each user of the Internet* 

9 The state 106 is one of "active", "suspended" , 
io or "invalid-" 

n The pay-in selection 108 is how the cardholder 

12 transfers funds, i-e, makes payment, for use with the 

13 payment system 10 . Typically, this may be done by using 

14 a conventional authorization to charge a credit card, 
is The pay-in selection is not encoded in nor directly 

16 derivable from the cardnumber- 

17 Users of the Internet who wish to use the 

18 payment system 10 for the purchase of goods or services 

19 over the Internet may obtain cardholder or subscriber 

20 accounts as described in the aforementioned patent 

21 application, or by making an application to First Virtual 

22 at its web site, 

23 B. The sellers' accounts 

24 Users of the Internet who wish to use the 

25 payment system 10 as sellers need to be qualified* 

26 Sellers are qualified by establishing a relationship with 

27 an acquiring bank 34 that underwrites the seller 28 for 

28 credit worthiness and that provides the seller 28 with a 

29 merchant account. As shown in Figure l, an acquiring 

30 bank 34 is part of the settlement system 30. 

31 Establishing a merchant account enables the seller 28 to 

32 act as a merchant and accept credit cards (or credit card 

33 numbers) for payment for goods and services* 

34 Referring to Figure l r when a user becomes 

35 qualified as a seller, the user also establishes a 

36 relationship with a seller's agent 115- The seller's 
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agent 115 is a bank card processor that interacts with 
the credit card bureaus 117 such as visa, Master Card, 
etc., that are part of the settlement system 30 The 
seller's agent 115 performs the functions of credit card 
authorizations and chargebacks. Companies that are now 
performing these services include EDS and FDR. For 
example, in a conventional credit card transaction at an 
retail outlet, after a customer presents a credit card 
for payment, the clerk passes the card through a card 
reader that makes a call to a bank card processing 
company for authorization. The call from the card reader 
identifies the card number and the amount of sale. If 
the credit card is valid and the amount is within the 
credit limits of the card, the seller's agent 117 
responds with an authorization code. In the context of 
16 the present embodiment of the payment system, it is 

intended that sellers' agents 115 will perform similar 
functions as they do now with respect to conventional 
credit card transactions. There may be many seller's 
20 agents associated with different sellers, or many of the 
sellers may use the same agent. In an alternative 
embodiment, the payment system 10 may perform the 

23 function of seller's agent. 

24 as mentioned above, a user of the Internet who 
wishes to use the payment system 10 to obtain payment for 
transactions as a seller of goods or services obtains a 
seller's account 200 with the payment system 10. 
Referring to Figure 4B, the seller's account 200 includes 
the following data; a seller's account cardnumber 202, 
the seller's name 203, the seller's Internet e-mail 
address 204, and a state 206, These data are similar to 
the data in the buyer's cardholder account 100. The 
seller's account 200 includes at least one additional 
item of data that is not included in the buyer's 
cardholder account, that is, the seller's account 200 
includes a seller's agent number 219. In addition, the 
seller's account may include other information. 
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1 Referring again to Figure 3, the buyer 

2 cardholder account and seller account information is 

3 distributed in the payment system 10. Only a portion of 

4 the buyer cardholder account and seller account 

5 information resides in the above-the-line system 4 0 where 

6 it is accessible by the above-the-line program 90. 

? However, full copies of all the buyers' cardholder and 

e sellers' account information reside on the below-the-line 

9 system 42 where it is accessible by the below-the-line 

10 program 92. Specifically, the parts of the subscriber 

11 and seller account information that reside on the above- 

12 the-line computer 50 are located in one or more data 

13 files 91 stored on the above-the-line computer storage 

14 device 58. The subscriber and seller account information 
is that resides on the below-the-line computer 52 is located 

16 in one or more data files 114 stored on the below-the- 

17 line computer storage device 72, The above-the-line 

18 program 90 operates with the database file 91 that is. 

19 stored on the above-the-line storage 58 and the below- 

20 the-line program 92 operates with the database file 114 

21 located on the below-the-line storage 72. 

22 The items of information in the buyer 

23 cardholder account located in the file 91 on the above- 

24 the-iine computer 50 include the subscriber account 

25 number 102, the cardholder's name 103 , the Internet 

26 e-mail address information 104, and the state 106. 

2? However, the above-the-line computer 50 does not contain 

28 any of the pay-in 108 information, such as credit card 

29 information, etc, associated with the buyer-subscriber* 

30 Credit card or other payment information is located only 

31 in the data file 3.14 located on the storage device 72 of 

32 the below-the-line system 42. similarly, the items of 

33 information in the seller's account 200 located on the 

34 above-the-line system 40 include the seller's account 

35 number 202, the seller's name 203 r the seller's Internet 

36 e-mail address information 204, and the state 206 of the 

37 seller's account. However, the above-the-line system 40 



W097/16g97 PCT/US96/I7556 

13 

1 does not contain the seller's agent number 219. This 

2 information is located only in the data file 114 on the 

3 storage device 72 of below-the-line computer 52, 

4 XIX- METHODS OF OPERATION OF THE PAYMENT SYSTEM 

5 As mentioned above, the payment system 10 

6 provides users of the Internet with a means for 

7 initiating a payment transaction, and in particular, a 
S means for payment for goods or services. 

9 it is assumed for purposes of the operation of 

10 the embodiment described herein that the Internet user 

11 who wants to make a payment has already established a 

12 buyer's cardholder account with the payment system, as 

13 described above. Further, it is assumed that the 

14 Internet user who wants to receive payments has 

is established a seller's account with the payment system, 

16 as described above. 

17 Referring to Figure 5, an internet user (i-e* 

18 the buyer 20) becomes aware of goods or services that the 

19 seller 28 has to vend. This may occur in many different 

20 ways. For example, the buyer 20 may be searching on the 

21 internet for a seller of the particular product or 

22 service. Alternatively, the buyer 20 may be "browsing" 

23 and happen upon the seller's page. Also, the seller 28 

24 may send messages to a class of Internet users to inform 

25 them of the goods or services that it has to sell- The 

26 buyer 20 may be aware of the seller 2 8 via advertising, 

27 on the Internet or other media, through others, from a 

28 bulletin board, from a product warehouse on the Internet, 

29 or any other means, 

30 The buyer 20 becomes interested in the goods or 

31 services that the seller 28 has to vend and then the 

32 buyer 20 may contact the seller 28 by sending a message 

33 to the seller's internet address or by an interactive 

34 protocol, e.g. the World Wide Web, FTP, etc. The means 

35 to contact the seller, e.g. the seller's e-mail address 

36 or Web site address, may be included in advertising, etc. 
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1 The buyer 20 and the seller 28 may partake in an exchange 

2 of messages 107 over the Internet before the buyer 20 

3 decides to purchase the goods or services from the seller 

4 28, For example, the buyer 20 may send massages to the 
s seller 28 to inquire about product availability, 

6 specifications, options, support, etc. The seller 28 may 

7 respond with appropriate messages over the Internet in 

8 reply to the buyer's inquiries. Also, the buyer and 

9 seller may exchange messages to negotiate a price for the 

10 goods or services. In addition, if the goods or services 

11 that the seller wants to sell are of a type that require 

12 a physical delivery, the buyer and seller may make 

13 appropriate arrangements for such delivery by message 

14 exchange over the Internet, 

is When the buyer 20 decides to buy the goods or 

16 services, the buyer 20 informs the seller 28 of the 

i? buyer's cardnumber 102 by providing an appropriate 

la message 128 over the Internet 12. The information 

19 included in the buyer's message 128 is represented in 

20 Figure 6A. The message 128 may take the form of an 

21 e-mail message over the Internet 12 that includes the 

22 buyer's cardnumber, or alternatively, the buyer 20 may 

23 inform the seller of its cardnumber 102 by means of 

24 interactive protocols, or by including the cardnumber in 

25 a username in a file transferred from the buyer 20 to the 

26 seller 28 using the Internet 12, or by other means. 

27 Referring again to Figure 5, upon receiving the 

28 buyer's message 128 that includes the buyer's cardnumber 

29 102, the seller 28 sends an payment-request message 129 

30 to the payment system 10 via the internet 12- 

31 Specifically, the seller 28 sends the payment-request 

32 message 129 to the above-the-line program 90 on the 

33 above^the^line system 40, The payment-request message 

34 129 may be sent by either e-mail or by using an 

35 interactive protocol on the Internet 12, 

36 Referring to Figure 6B, the payment-request 

37 message 129 contains the following information: the 
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1 buyer's cardnumber 102, the seller's cardnumber 202, a 

2 textual description 232 of the transaction, an amount 

3 234 , a merchant's transaction-identifier 236, and any 

4 physical delivery 237 information for the purchase. 

5 After receiving the payment-request message 

6 129, the above-the-line program 90 ascertains whether the 

7 payment-request message 129 is from a qualified seller 
s 20, This is performed by the above -the- line program 90 
9 by checking the database file 91 on the above-the-line 

10 system 40. Upon confirmation that the payment-request 

11 message 129 is from a qualified seller, the payment 

12 system 10 generates a message to ask the buyer 20 whether 

13 the buyer 20 wishes to authorize payment for the 

14 transaction to the seller 28. specifically, as shown in 
is Figure 7 , the above-the-line program 9 0 generates 

16 an payment-query message 140 to be sent to the buyer 20 

17 over the Internet, 

1B as shown in Figure 6C, the payment-query 

19 message 140 contains the following data: a transaction- 

20 identifier 142, the buyer's name 103, the seller's name 

21 203, the textual description of the transaction 232, and 

22 an amount 235. The transaction-identifier 142 is a 

23 number or code uniquely-generated by the above-the-line 

24 program 90* Using the information contained in the 

25 payment-request message 129 from the seller 28 , 

26 specifically the buyer's cardnumber 102 and the seller's 

27 cardnumber 202, the above~the-line program 90 looks up 
26 the buyer's name 103 and the seller's name 203* In the 

29 payment^guery message 140, the buyer's name 103 and the 

30 seller's name 203 are used instead of the buyer's 

31 cardnumber 102 and the seller's cardnumber 102 in order 

32 to minimize transmission of the cardnumber information 

33 over the Internet thereby improving security of the 

34 system. The amount 235 sent to the buyer may differ from 

35 in the transaction amount 234 received from the seller to 

36 account for any currency exchange rates or service 

37 charges imposed by the payment system 10. 
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1 After generating the payment-query message 140, 

2 the above-the~line system 40 sends the payment-query 

3 message 140 to the buyer's e-mail address and waits for 

4 a response from the buyer 20, The payment-query message 

5 140 requests the buyer 20 to respond with one of three 

6 possible replies: "yes* 1 , "no", or "fraud." Thus, there 

7 are four possible alternatives that can occur in response 

8 to the payment* query message 140, taking into account the 

9 three permitted responses by the buyer and the 

10 possibility of no reply* 

11 i. Ho reply from Buyer 

12 If there is no reply from the buyer 20 to the 

13 payment-query message 140 after a period of time, the 

14 above-the-line system 40 will send the payment-query 

15 message 140 again, i-e. a second notice. The above-the- 

16 line system 4 0 may send the payment-query message 140 to 

17 the buyer 20 several times until a response from the 

18 buyer 20 is obtained* If more than a certain number of 

19 days elapses, or more than a certain number of payment- 

20 query messages 140 are outstanding to the buyer 20, and 

21 the above-the-line system 4 0 does not receive an 

22 appropriate response from the buyer 20, as indicated 

23 below, then the above-the-line system 40 causes the 

24 buyer's cardholder account 100 to become suspended* This 

25 is done by changing the buyer's cardholder state 106 from 

26 •♦active" to "suspended, u The buyer's account 100 may be 

27 reinstated later if an appropriate response is received 

28 and/or the number of outstanding payment-query messages 

29 140 for the buyer 20 drops to less than a certain 

30 threshold* Upon reinstatement, the buyer's account 100 

31 is returned to an "active 11 state. Further, any 

32 outstanding payment-query messages 140 may be sent again 

33 some time later. 
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1 2* Buyer responds ■•no" 

2 Referring to Figure 7 , in response to the 

3 payment-query message 140, the buyer 20 may respond by 

4 sending a payment-response message 150 to the above-the* 
s line system 40 via the Internet 12. As illustrated in 

6 Figure 6D, the payment-response message 150 contains the 

7 following data: the payment system generated 

a transaction-identifier 142 and an indication 152 of the 

9 buyer's willingness to allow transfer of funds. The 

xo willingness indication 152 is one of "yes", "no", or 

11 " fraud . " 

12 The structure of the payment-query message 14 0 

13 facilitates preparation of the payment-response message 

14 150 by the buyer 20. In the payment-query message 140, 

is the transaction-identifier 142 is placed in the "subject" 

16 of the payment-query message 140 and the e-mail address 

i? to which the buyer's payment-response message 150 should 

is be sent (e.g. "response@card.com") is placed in the 

19 "sender's address" of the payment-query message 140. 

20 Many conventional e-mail programs in use on the Internet, 

21 including many older programs, have a feature that will 

22 automatically read the "subject" and "sender's address" 

23 of a received message and format a reply message directed 

24 to the sender's address with the same fl subject" as the 

25 received message. If the buyer 20 uses this common 

26 feature to send his payment-response message 150 back to 
2? the payment system 10, the only information that the 

28 buyer 20 will have to add is the willingness indication 

29 152 which is only a one word or one letter reply, (i.e., 

30 "yes* 1 , "no", or "fraud", or "V", "N", or "F") * 

31 xf the buyer 20 replies "no" in the willingness 

32 indicator 152, the above-the-line system 40 sends a 

33 payment-result 160 to the seller 28 with a "no" 

34 indication 152. The format of a payment-result message 

35 160 is shown in Figure 6E. A payment-result message 160 

36 contains the following information; the transaction^ 
3? identifier 142, the seller's name 203, the buyer's name 
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1 103, the textual description of the transaction 232, the 

2 amount 235, the negative indication 152 of the buyer's 

3 willingness to allow transfer of funds, and the seller's 

4 transaction-identifier 236 if present in the originating 

5 payment-request message 129- Optionally, the original 

6 transaction amount 234 may also be included- When a 

7 buyer declines to authorize payment, a service charge may 

8 be generated to the buyer 20 by the payment system. 

9 Information regarding the buyer's "no 1 ' reply in 

10 the payment-response 150 is delivered from the above^the- 

11 line program 90 to the below-the-line program 92 where a 

12 service charge may be added to a settlement queue for the 

13 buyer 20, as discussed in the related application, 

14 Further, if a "no" indication is received more than 
is a certain number of times in a certain number of 

16 transactions over a certain time period, then the state 

1? 106 of buyer's account 100 may become "suspended". This 

is is to prevent a user from making a practice of ordering 

19 products without authorizing payment for them, If the 

20 buyer's account state 106 becomes suspended, this 

21 information is also transmitted by batch processing from 

22 the above-the-line program 90 to the below-the-line 

23 program 92 so that the cardholder account information on 

24 the below-the-line computer 52 conforms to that on the 

25 above^the^line computer 50 • 

26 3* Buyer responds "fraud" 

27 Referring again to Figure 7, if the buyer 20 

28 responds to the payment -query message 140 by sending a 

29 payment-response message 150 to the above-the-line 

30 computer 50 via the Internet 12 that indicates "fraud" in 

31 the willingness indication 152, the payment system 10 

32 changes the state 106 of the buyer's cardholder account 

33 100 to "invalid." A response of "fraud" indicates that 

34 the buyer 2 0 did not request the goods or services from 

35 the seller 28. The information that the buyer 20 

36 responded "fraud" to the willingness indication 152 is 
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1 transmitted by batch processing from the above-the~line 

2 program 90 to the below-the-line program 92 so that the 

3 cardholder account information on the below-the-line 

4 computer 52 conforms to that on the above-the-line 

5 computer 50. If the buyer 20 responds "fraud 11 , an 
$ appropriate message is sent to seller 28* 

7 4. Buyer responds "yes" 

a If, in response to the payment-query message 

9 140, the buyer 2 0 responds by sending a payment ^response 

10 message 150 to the above-the-line system 40 via the 

11 Internet 12 that indicates "yes" in the willingness 

12 indication 152, the above-the-line program 90 transfers 

13 the transaction information, by batch processing, to the 

14 below- the-line system 52- The information communicated 

15 from the above-the-line system 50 to the below-the-line 

16 system 52 includes the buyer's cardnumber 102, the 

17 seller's cardnumber 202, a transaction number 142, the 

18 amount of the transaction 235, and any physical delivery 

19 information for the purchase* 

20 When the belov-the-line system 52 receives the 

21 information from the above-the-line system 50, it 

22 associates the identified buyer's cardnumber 102 with the 

23 buyer's payment information. This information is stored 

24 in the data file 114 on the below-the-line storage 72. 

25 The below-the-line system 42 also associates the seller's 

26 account number 202 with the seller's agent number 219 

2? which is also stored on the below-the-Xine system storage 

28 72* 

29 Next, referring to Figure 8, the below-the-line 

30 system 42 communicates with the seller's agent 115 

31 associated with the seller's agent number 219. The 

32 communication 250 to the seller's agent 115 identifies 

33 the seller 203, the transaction amount 235, the buyer's 

34 payment information (such as the buyer's credit card 

35 number), and any physical delivery information for the 
3S purchase. The communication 250 to the seller's agent 



WO 97/16897 PCT/liS96/175S6 

20 

1 115 is performed off the Internet on secure communication 

2 channels. The communication 250 requests whether the 

3 seller's agent 115 will authorize a charge of the 

4 indicated amount 235 to the buyer's credit card, 

s If the seller's agent 115 indicates that it 

§ will approve the charge, it sends an authorization code 

7 260 to the below-the-line system 40, Upon receipt of the 

s authorisation code 260, the below-the-line program 92 

9 generates a cryptographic signature for the authorization 

10 code 260. In a preferred embodiment, public key 

11 cryptography is used, such as programs available from 

12 RSA, or PGP* For purposes of security, it is very 

13 desirable to ensure the authenticity of the sender of the 

14 authorization code. Accordingly, public key cryptography 
is is used to authenticate the sender's message (in this 

is case, the message of the payment system 10) and is not 

17 necessarily used to prevent someone else from reading the 

is authorization code. 

19 The signed authorization code 262 is batch 

20 processed across the line 44 from the below-the-line 

21 system 42 to the above-the-line system 40. Referring to 

22 Figure 9, upon receipt of the encrypted authorization 

23 code 262 from the below-the-line system 42, the above- 

24 the-line system 40 prepares and sends a payment- 
's notification 264 to seller 28. The payment-notification 

26 264 may be a plain text e-mail message that includes the 

27 seller's transaction identifier 236 and the 

28 cryptographically signed authorization code 262. The 

29 information included in the payment-notification message 

30 264 is represented in Figure 6F. Upon receipt of the 

31 payment-notification 264, the seller 28 can authenticate 

32 the authorization code 2 60 using the public key of the 

33 payment system used by the encryption program on the 

34 below-the-line system 42 . Upon verification of the 

35 authenticity of the message 264 , the seller 28 can 

36 proceed to deliver the goods or services to the buyer 20 

37 using whatever arrangements had been previously made* 
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Further processing of the charges to the 
buyer's credit card account and credits to the seller's 
merchant account are conducted by the conventional 
settlement system 30 off the Internet using secure 
communications channels. This isolates the buyer-seller 
activity vhich occurs on the Internet from the financial 
and credit activity which occurs off the Internet. 
a If the seller's agent lis accepts the buyer's 

9 card, the charge is processed in the conventional way in 
the credit card system 30 to post the charge to the 
buyer's credit card in the usual manner by sending the 
appropriate information to the buyer's credit card issuer 
32* The buyer's credit card issuer 32 sends the buyer 2 0 
14 a credit card bill, typically via the postal system. The 
is credit card bill lists the charge 2 35 as an item on the 

16 user's credit card bill- The settlement system 30 also 

i? arranges to make a payment to the seller 28. This may be 

a transfer from the acquirer-bank 34 to the seller's bank 
for direct deposit to the seller's checking account. 

If the seller's agent 115 refuses to accept the 
buyer's credit card number, e.g. the credit card is lost, 

22 stolen, canceled, expired, or the transaction amount 

23 exceeds the card's limit, etc., the seller's agent does 
not send an authorization code back to the below-the-line 
system 42. Instead, the seller's agent may send a code 

26 indicating refusal of the buyer's card. This information 

27 is similarly batch processed to the above-the-line system 

28 42 and an appropriate message is sent to the seller 28 

29 indicating the lack of authorization. The seller 28 may 
then refuse to deliver the goods or services to the buyer 
20, or request another card number. 

The description previously set forth explains 

33 how the payment system can process a charge to the user 

34 using the conventional, commercially available credit 
3$ card system. There may be various modifications of the 

36 previously described arrangement that may be utilized , 

37 For example, the issuer bank 32 may process a debit to a 
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1 bank account of the buyer 20 instead of sending a credit 

2 card bill. Alternately, the issuer bank 32 may send the 

3 buyer a bill (other than a credit card bill) for the 

4 accumulated charges. 

s As mentioned above , the function of the 

6 seller's agent may be performed by the payment system 

7 instead of a separate entity. According to this 

8 alternative, instead of communicating the information 

9 about the transaction (i.e. the seller, the transaction 
10 amount, the buyer's credit card number, physical delivery 
n information, etc.) to a separate party designated by the 

12 seller as its agent who in turn replies whether it will 

13 approve the transaction, the payment system can perform 

14 this function itself. If this function is performed by 
is the payment system, it is performed either on the below- 

16 the-line system or on an another entirely separate, 

17 secure system. Like a separate seller's agent, the 
la payment system would communicate with the appropriate 

19 credit card services to determine whether to authorize 

20 the transaction in the amount identified in the 

21 communication from the above-the-line system. The 

22 payment system would then perform the seller's agent's 

23 function of generating an authorization code* Then, as 

24 in the above-described embodiment having separate 

25 seller's agents, the payment system would generate a 

26 cryptographically-signed message including the 

27 authorisation code, send the message to the above-the~ 

28 line system, and send the cryptographically-signed 

29 message to the seller over the Internet* 

30 The payment system described above is 

31 particularly advantageous for use on networks that do not 

32 have a centralized management authority, such as the 

33 Internet, Other such systems include FIDOnet and 

34 UUCP/Usenet, although it is recognized that these systems 

35 are considered by some to part of or associated with the 

36 Internet. The payment system described above could also 
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1 be used on future versions, generations, etc., of the 

2 internet. The payment system could also be used on 

3 centrally managed computer systems, such as America 

4 online, Prodigy, etc, 

s The payment system described above enables 

6 Internet users to initiate commercial transactions to buy 

7 and sell goods or services over a quasi-public network, 

8 such as the Internet, regardless of where the users are 

9 located or where the payment system is located. Either 

10 the buyer or the seller may be located in the U.S. or 

11 outside the U*S. Also, some or all of the payment system 

12 components, such as the above^the-line system or the 

13 foelow~the-line system, may be located either in the U.S. 

14 or outside the U.S. 

15 The foregoing detailed description should foe 

16 regarded as illustrative rather than limiting and the 

17 appended claims including all equivalents are intended to 
is define the scope of the invention. 
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1 WE CLAIM: 

2 1 . A method for enabling a seller and a buyer 

3 communicating oveir a quasi-public network to initiate a 

4 commercial transaction involving a payment of funds by 

s the buyer to the seller, said method comprising the steps 

6 of: 

7 receiving a message over the quasi-public network 
a from the seller, the seller's message identifying the 

9 buyer and a transaction; 

10 sending a message over the quasi-public network to 

11 the identified buyer, said message to the buyer 

12 identifying the transaction; 

13 receiving a message over the quasi^public network 

14 from the identified buyer, said buyer's message 

15 indicating acceptance or refusal of the transaction; 

16 if the buyer's message indicates approval of the 

17 transaction, communicating to an agent of the seller via 
la a secure communication channel information for permitting 

19 the buyer to pay for transaction; 

20 receiving an authorization code from the seller's 

21 agent via said secure communication channels; and 

22 sending a cryptographically-signed message including 

23 the authorization code to the seller via the quasi-public 

24 network* 

25 2, The method of claim 1 further comprising the 
2a step of: 

2? connecting a computer system to the quasi-public 

28 network, said computer system having a means for sending 

29 and receiving messages. 

30 3. The method of claim 1 in which the 

31 cryptographically-signed message utilizes public key 

32 cryptography * 

33 4 . The method of claim l further comprising the 

34 steps of: 
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cryptographically-encoding the authorization code; 



1 

2 and 



19 



23 



attaching said cryptographically-encoded 
authorization code to the message to the seller. 



5 5. The method of claim 1 in which the message 

6 received over the quasi-public network from a qualified 
i seller is an e-mail message* 



a 6. The method of claim 1 in which the message sent 

9 over the quasi-public network to the identified buyer is 

10 an e-mail message* 

X1 7 # The method of claim 1 in which the message 

12 received over the quasi-public network from the 

13 identified buyer is an e-mail message* 

14 e* The method of claim 1 in which the message sent 
is over the quasi-public network to the seller is an e-mail 

16 message. 

17 9^ xhe method of claim 1 in which the quasi-public 
is message is the Internet* 



10. The method of claim l further comprising the 

20 step of; 

21 qualifying users of the quasi-public network as 

22 sellers. 



11. The method of claim 1 further comprising the 

24 step of: 

25 maintaining a database of account holders who are 



26 users of the quasi-public network. 



12* The method of claim 11 in which said database 
includes information regarding account holders who are 
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1 qualified as sellers and account holders who are not 

2 qualified as sellers. 

3 13* The method of claim 11 in which the database 

4 includes information indicating whether an account holder 

5 is qualified as a seller. 

6 14, The method of claim 1 further comprising the 

7 step of maintaining a first system and a second system, 
s sa id first system comprising communication 

9 accessible to the quasi-public network, and 
10 said second system comprising communication 

ix accessible to sellers' agents who interface with a 

12 bankcard processing network, and further in which said 

13 method further comprises the step of: 

14 communicating information regarding the 

is transaction from the first system to the second system, 

16 after approval by the buyer of the transaction* 

17 15, The method of claim 1 further comprising the 

18 step of maintaining a first system and a second system, 

19 said first system comprising a first database 

20 of account holders, said account holders being users of 

21 the quasi-public network and including a first group of 

22 account holders who are qualified as sellers and a second 

23 group of account holders who are not qualified as 

24 sellers, and 

25 said second system comprising a second database 

26 of said account holders including information associated 

27 with said second group of account holders including means 
23 by which payment can be made by said second group of 

29 account holders* 

30 16* The method of claim 15 further comprising the 

31 step of maintaining a firewall between said first system 

32 and said second system 
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1 17. The method of claim 1 in which communication 

2 between the first system and the second system is by 

3 batch processing. 
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18* The method of claim 1 in which the transaction 
is for goods or services provided by the seller to the 



6 buyer < 



19* A method of operating a system that enables a 
seller and a buyer communicating over a quasi-public 
network to enter into a commercial transaction involving 
a payment of funds by the buyer for goods or services of 
value provided by the seller to the buyer, said method 

12 comprising the steps of: 

13 qualifying a first group of users of the quasi- 

14 public network as sellers; 
maintaining bankcard payment information for a 

second group of users of the quasi -public network, said 
bankcard payment information maintained on a storage 



is medium in a secure portion of a computer system; 

19 maintaining listings of said first and second groups 



of users on a storage medium that is located in a portion 
of said computer system that has access to the quasi- 
public network, but that is isolated from the secure 

23 portion of the computer system; 

24 in response to a message over the quasi-public 

25 network from a user of the first group identifying a 

26 potential transaction with a user of the second group, 

27 sending a message over the quasi-public network to the 

28 identified user of the second group for confirmation; 

29 upon receipt of a message over the quasi-public 

30 network from the user of the second group confirming the 

31 transaction with the user of the first group, 

32 communicating bankcard information over secure channels 

33 to an agent of the user of the first group; 
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1 upon receipt of an authorization code from the agent 

2 via secure channels, cryptographically signing the 

3 authorization code; and 

4 sending the authorization code to the user of the 
s first group via the quasi^public network. 

6 20- The method of claim 19 further comprising the 

? step of: 

a receiving authorization from said first group of 

9 users to act as said agent. 

10 21. The method of claim 20 further wherein said 

n authorization code is generated by said system. 

12 22. A system for enabling commerce among users on a 

13 quasi-public computer network, comprising: 

14 means for sending and receiving messages to users on 
is the quasi-public network; 

15 means for identifying users who are qualified as 
17 sellers; 

is means for identifying messages received from users 

19 who are qualified as sellers; 

20 means for generating messages to users who are 

21 buyers identified in the messages received from the 

22 qualified sellers requesting confirmation of transactions 

23 between said users who are sellers and said users who are 

24 buyers ; 

25 means for identifying messages from the buyers 

26 indicating confirmation of the transactions; 

27 means for isolating the sending and receiving of 

28 messages to and from users from financial information 

29 associated with said users who are buyers for settling 
3D financial transactions; 

31 means for sending financial information associated 

32 with buyers via secure channels to agents of sellers 

33 relative to confirmed transactions; 
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x means for receiving authorization codes from the 

2 sellers' agents; 

3 means for cryptographically signing the 
a authorization codes; and 

5 means for generating messages to the sellers 

6 including the cryptographically encoded authorization 

7 codes * 

8 23 - A method of operating a computer system to 

9 enable users of a quasi-public network to initiate a 
ID commercial transaction involving a payment of funds by 
ai one user of the quasi-public network to another user of 

12 the quasi-public network, the method comprising the steps 

13 of: 

14 maintaining a listing of users of the quasi-public 
is network who are qualified to function as sellers; 

is operating a computer system that is connected to the 

1? quasi-public network, said computer system having a means 

18 for sending and receiving messages from users of the 

19 quasi-public network; 

20 upon receipt of a message over the quasi-public 

21 network from a first user of the quasi-public network, 

22 said first user being qualified to function as a seller, 

23 sending a message over the quasi-public network to a 

24 second user of the quasi-public network, said second user 

25 being identified in the message from the first user, said 

26 message being sent to the second user including a request 

27 to confirm a transaction identified in the message 

28 received from the first user; 

29 upon receipt of a confirmation of the transaction 

30 from the second user, forwarding payment information of 

31 the second user to an agent of the first user; and 

32 upon receipt of an authorization code from the 

33 agent, encrypting the authorization code and sending the 

34 authorization code to the first user. 
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1 24, A payment system for use with the Internet 

2 comprising: 

3 qualifying a user as a seller; 

4 receiving a message via the Internet from the 

s qualified seller regarding a transaction with a buyer 

6 that identifies at least an account identification of the 

7 buyer , said account identification maintained by the 
a system ; 

9 requesting confirmation of the transaction from the 

10 buyer by communicating a message to the buyer via the 

11 Internet; 

12 upon receiving confirmation from the buyer of the 

13 transaction from the buyer via the Internet; 

14 sending a message off the Internet to an agent of 
is the seller, said message containing information relating 

16 to the transaction and payment information for the buyer; 

17 receiving confirmation of the transaction from the 

18 seller's agent; and 

19 communicating an authorization code to the seller. 

20 25, The method of claim 24 further comprising the 

21 step of; 

22 obtaining authorization from said seller to act as 

23 an agent therefor, 

24 26. The method of claim 25 further comprising the 

25 steps of; 

26 confirming the transaction and payment information 

27 as seller's agent; and 

28 generating said confirmation as seller's agent. 

29 27* The method of claim 24 further comprising the 

30 step of cryptographically signing a message including the 

31 authorization code communicated to the seller* 
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